Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0732

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0732
Last Modified 05 Sep 2008 04:35:06
Published 20 Oct 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0732

Summary

CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.

Vulnerable Systems

Operating System

  • Ciscoworks Cd1 1st

  • Ciscoworks Cd1 2nd

  • Ciscoworks Cd1 3rd

  • Ciscoworks Cd1 4th

  • Ciscoworks Cd1 5th

Application

  • Cisco Resource Manager 1.0

  • Cisco Resource Manager 1.1

  • Cisco Resource Manager Essentials 2.0

  • Cisco Resource Manager Essentials 2.1

  • Cisco Resource Manager Essentials 2.2

  • Ciscoworks Common Management Foundation 2.0

  • Ciscoworks Common Management Foundation 2.1


References

CISCO - 20030813 CiscoWorks Application Vulnerabilities

BUGTRAQ - 20030813 Portcullis Security Advisory: CiscoWorks 2000 Privilege Escalation Vulnerabilities


Last Updated: 27 May 2016 10:38:02